Zendesk hacked – Tumblr, Pinterest, Twitter user email addresses stolen

zendesk

Tumblr has sent out emails to its users notifying them of a security breach. However, the issue isn’t Tumblr’s system’s fault, as the hack can be traced back to Zendesk, the email and contact support client that Tumblr and a handful of other social applications use.  Pinterest and Twitter are also suffering at the Zendesk security failure. 

The security vulnerability has been patched up already, Zendesk wrote in a blog post. But the damage has been done already: The hacker downloaded the email addresses of people who emailed Twitter, Tumblr, and Pinterest support. The only silver lining is that users’ passwords are safe and sound.

If you’re a Tumblr user and ever contacted its support team via email in the past 2.5 years since Tumblr has been using Zendesk Tumblr says that there’s a good chance that you’ve been affected. These are the warning words Tumblr had for users. 

“This (security breach) has potentially exposed records of subject lines and, in some cases, email addresses of messages sent to Tumblr Support. While much of this information is innocuous, please take some time today to consider the following:

The subject lines of your emails to Tumblr Support may have included the address of your blog which could potentially allow your blog to be unwillingly associated with your email address.

Any other information included in the subject lines of emails you’ve sent to Tumblr Support may be exposed. We recommend you review any correspondence you’ve addressed to support@tumblr.com, abuse@tumblr.com, dmca@tumblr.com, legal@tumblr.com, enquiries@tumblr.com, or lawenforcement@tumblr.com.

Tumblr will never ask you for your password by email. Emails are easy to fake, and you should be suspicious of unexpected emails you receive.”

The last point is critical. Phishing is a common attack conducted via email to dupe recipients into clicking on malicious links, opening up tainted attachments, or asking them to divulge personal information. Now any emails you might receive that look similar to a Tumblr address but seem suspicious for whatever reasons should be approached with serious caution. The email that Pinterest and Twitter has sent out also reaffirms that its users shouldn’t divulge their account information, especially passwords.

Fortunately for Twitter, the social network is using DMARC, Domain-based Message Authentication, so that email providers including AOL, Gmail, Outlook, and Yahoo! Mail, can flag and delete any emails that are trying to mimic a company’s real email address. So if you’ve emailed Twitter support before, the hacker probably has access to your email address, but with DMARC in place, any efforts to contact and phish for your information should be curbed. Let’s just hope that Tumblr and Pinterest follow suit.

Social Media

Instagram ditches plans for stand-alone Direct messaging app

Instagram is shuttering it's stand-alone messaging app, Direct, after testing it since 2017. While the messaging features remain intact inside Instagram, the separate app will be discontinued in the next few weeks.
Social Media

6 easy ways to archive all of your favorite Instagram videos

Saving Instagram videos should be just as easy as taking a screenshot. So, we've put together a list of the best apps and tools that save your favorite Instagram videos onto your phone or computer.
Social Media

Instagram’s new Explore grid tempts you to open your wallet

Instagram has made some changes to its Explore tab that might tempt you into the occasional shopping spree. It's also planning to add Stories to the grid, mixing them up with the existing photos and videos.
Social Media

Be the master of your own Insta-verse with multiple Instagram accounts

Whether you own a small business or have separate Instagram accounts for your five cats, we'll walk you through the process of switching between your multiple accounts on your Apple or Android devices.
Social Media

A fond farewell to Grumpy Cat, the internet’s most famous feline

We say farewell and fondly remember Grumpy Cat, the internet's famous frowning feline and a genuine sweetheart, who died at the age of seven. Even tempered and tolerant, Grumpy Cat was in real life the opposite of her online persona.
Mobile

Treat your selfie with one of these 13 apps made to beautify your pics

Selfies might be a phenomenon second only to karaoke, but they're not the easiest thing in the world to create. Thankfully, these awesome selfie apps for Android and iOS will make beautifying your self-portraits easier than capturing them.
Web

Creators of WhatsApp attack software face lawsuit from Amnesty International

This week a spyware attack was launched on WhatsApp. Now the Israeli firm linked to that attack is facing a lawsuit from human rights NGO Amnesty International, alleging their software has been used to surveil human rights defenders.
Mobile

New York could dish out fines for texting while crossing the street

Do you text on your phone while crossing the street? The dangers of stepping out in front of a car or bus are obvious, but in New York, offenders could soon face a fine of as much as $250, too.
Social Media

Help wanted: British royal family seeks social media wiz to run its accounts

The British royal family is looking for a social media expert to help it communicate its role and activities to the masses. So if you like the idea of having the Queen as your boss, why not throw your hat in the ring?
Social Media

Millions of Instagram influencers reportedly had private data exposed online

As many as 49 million Instagram influencers have reportedly had their private data exposed in an online database that had no password protection. The database was apparently created by a marketing firm and has been taken offline.
Social Media

Twitter co-founder Ev Williams still wants to save the world

Social media is evil, leading to a mental health crisis in Gen Z and a rise in hate speech. But there’s light at the end of the tunnel, says Ev Williams, the co-founder of Twitter. But weaning ourselves off today's social media won't be…
Social Media

Facebook gets a bad rap, former exec says, but we should break it up anyway

The rise of hate speech, the trolling, the comment on Facebook? Not Facebook's fault, says Alex Stamos, the social network's former chief security officer. But the site should still be broken up, he says.
Web

What is Reddit? A beginner’s guide to the front page of the internet

If you spend much time online, you've probably heard of Reddit. Here, we break down the terminology, perks, and inner workings of everyone's favorite social platform. Understanding the "front page of the internet" has never been so easy.
Mobile

Looking for love or just some fun? Cozy up with the best dating apps of 2019

Everyone knows online dating can be stressful, time-consuming, and downright awful. Check out our top picks for the best dating apps, so you can streamline the process and find the right date, whatever you're looking for.